New AFSA Governing Board (2019-2021 )Takes Office

 

New AFSA Governing Board (2019-2021). Photo by AFSA/Twitter

The 2019-2021 American Foreign Service Association Governing Board took office on July 15. It will serve a two-year term (Also see 2019-2021 AFSA Governing Board Election Results). Below via AFSA:

Incoming President Ambassador Eric Rubin comes to AFSA from his posting as Ambassador to Bulgaria, where he served from three years. He was previously deputy chief of mission in Moscow, deputy assistant secretary of State for European and Eurasian affairs, consul general in Chiang Mai, executive assistant to the under secretary of State for political affairs and Rusk Fellow at Georgetown University’s Institute for the Study of Diplomacy.

Foreign Service Officer Thomas Yazdgerdi, AFSA’s new Vice President of the Department of State constituency, is a 28-year veteran of the State Department. Yazdgerdi is finishing his tenure as Special Envoy for Holocaust Issues, but has also served in Kabul, Kirkuk, Baghdad, Pristina, Panama, Bratislava, Tirana and Athens, as well as Director of the Office of South Central European Affairs.

John K. Naland returns as Vice President for the retiree constituency. He has held numerous positions on AFSA’s board, including State Vice President and AFSA President.

Foreign Service Officers Jason SingerJay Carreiro and Michael Riedel will serve as Vice Presidents of the USAID, Foreign Commercial Service and Foreign Agricultural Service constituencies, respectively.

Completing AFSA’s leadership team, retired senior FSO Virginia L. Bennett will serve as Treasurer and Kenneth Kero-Mentz will serve as the organization’s Secretary.

Complete bios for AFSA’s elected leadership, including all officers and constituency representatives, can be found on the AFSA website.

#

Advertisements

ALL Foreign Affairs Agencies Affected By #OPMHack: DOS, USAID, FCS, FAS, BBG and APHIS

Posted: 6:15  pm  PDT
[twitter-follow screen_name=’Diplopundit’ ]

 

AFSA has now issued a notice to its membership on the OPM data breach. Below is an excerpt:

On Thursday June 4, the Office of Personnel Management (OPM) became aware of a cybersecurity incident affecting its systems and data. AFSA subsequently learned that the Personally Identifiable Information (PII) of many current and former federal employees at the foreign affairs agencies have been exposed as a result of this breach.

The most current information provided to AFSA indicates the following: Most current, former and prospective federal employees at ALL foreign affairs agencies have been affected by this breach. That includes the State Department, USAID, FCS, FAS, BBG and APHIS. OPM discovered a new breach late last week which indicates that any current, former or prospective employee for whom a background investigation has been conducted is affected.

In the coming weeks, OPM will be sending notifications to individuals whose PII was potentially compromised in this incident. The email will come from opmcio@csid.comand it will contain information regarding credit monitoring and identity theft protection services being provided to those federal employees impacted by the data breach. In the event OPM does not have an email address for the individual on file, a standard letter will be sent via the U.S. Postal Service. All the foreign affairs agencies suggest that those affected should contact the firm listed below. Members of the Foreign Commercial Service may additionally contact Commerce’s Office of Information Security at informationsecurity@doc.gov.

As a note of caution, confirm that the email you receive is, in fact, the official notification. It’s possible that malicious groups may leverage this event to launch phishing attacks.  To protect yourself, we encourage you to check the following:

  1. Make sure the sender email address is “opmcio@csid.com“.
  2. The email is sent exclusively to your work email address. No other individuals should be in the To, CC, or BCC fields.
  3. The email subject should be exactly “Important Message from the U.S. Office of Personnel Management CIO”.
  4. Do not click on the included link. Instead, record the provided PIN code, open a web browser, manually type the URL http://www.csid.com/opm into the address bar and press enter. You can then use the provided instructions to enroll using CSID’s Web portal.
  5. The email should not contain any attachments. If it does, do not open them.
  6. The email should not contain any requests for additional personal information.
  7. The official email should look like the sample screenshot below.
image via afsa.org

image via afsa.org

Additional information has been made available on the company’s website, www.csid.com/opm, and by calling toll-free 844-777-2743 (International callers: call collect 512-327-0705).

Agency-Specific Points of Contact:

If you have additional questions, contact AFSA’s constituency vice presidents and representatives:

Read the full announcement here.

Amidst this never ending round of data breaches, go ahead and read Brian Krebs’ How I Learned to Stop Worrying and Embrace the Security Freeze. The USG is not offering to pay the cost of a credit freeze but it might be worth considering.

Of course, the security freeze does not solve the problem if the intent here goes beyond stealing USG employees’ identities.   If the hackers were after the sensitive information contained in the background investigations, for use at any time in the future, not sure that a credit freeze, credit monitoring and/or ID thief protection can do anything to protect our federal employees.

Security clearance investigations, by their very nature, expose people’s darkest secrets — the things a foreign government might use to blackmail or compromise them such as drug and alcohol abuse, legal and financial troubles and romantic entanglements. (via)

I understand why the USG has to show that it is doing something to address the breach but — if a foreign government, as suspected, now has those SF-86s, how can people protect themselves from being compromised? If this is not about compromising credit, or identities of USG employees but about secrets, credit monitoring and/or ID thief protection for $20 Million will be an expensive but useless response, wouldn’t it?

#